Benefits Partner, LLC Salus Group Data Breach Exposes SSNs

On October 9, 2024, Benefits Partner, LLC dba Salus Group experienced a data breach involving unauthorized access to an employee's email account. The company became aware of suspicious activity within the account in October and took steps to secure it. They disabled the affected email account, reset the employee's password, and initiated a detailed investigation with the help of a third-party forensic firm.

The investigation revealed that the unauthorized individual had access to the employee's email account on October 9, 2024. However, investigators could not determine precisely which emails or attachments, if any, were viewed by the unauthorized individual. To address this uncertainty, Salus Group conducted a comprehensive review of the entire email account, carefully examining all emails and attachments to identify any personal information that may have been exposed.

The analysis, completed in late February 2025, showed that the compromised email account contained sensitive personal information for certain individuals. The types of information exposed included personally identifiable information (PII) such as names, dates of birth, Social Security numbers, driver's license numbers, and financial account information. Protected health information (PHI) such as health insurance information and clinical or treatment details were also present in the compromised account.

Salus Group reported the incident to the Texas Attorney General and Massachusetts Attorney General on April 8, 2025, stating that 586 and 75 residents were affected in each state, respectively. In addition, 41 residents of Rhode Island are affected.

Salus Group's Response

Upon discovering the breach, Salus Group promptly took measures to secure the compromised email account and launched a thorough investigation into the incident. After completing their analysis, they began notifying affected employers and insurance carriers around March 27, 2025. Additionally, Salus Group notified affected individuals directly by U.S. Mail.

To assist individuals potentially impacted by this breach, Salus Group has established a dedicated toll-free call center at (866) 408-1493, available Monday through Friday from 9:00 a.m. to 6:30 p.m. Eastern Time. They are also offering complimentary credit monitoring and identity protection services through Kroll to all affected individuals. Instructions on how to activate these services are included in the notification letters sent by mail.

Although Salus Group has indicated that there is no evidence of misuse of the exposed information at this time, it is recommended that affected individuals remain vigilant. Individuals should monitor their financial account statements and regularly review their free credit reports for any unauthorized activity. If suspicious activity is detected, individuals should promptly report it to their financial institution and relevant authorities.

Salus Group has implemented additional security controls within their email environment and provided further training to employees on identifying and avoiding suspicious emails. More information about this incident can be found on the Salus Group's security incident page.

More information about the company and its services can be found on the Salus Group's official website.